[Git][NTPsec/ntpsec][master] 5 commits: NTS: NTS code now uses strerror_r rather than strerror
Hal Murray
gitlab at mg.gitlab.com
Sun Apr 7 09:23:23 UTC 2019
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
4833ca5f by Hal Murray at 2019-04-06T04:14:38Z
NTS: NTS code now uses strerror_r rather than strerror
Another step in making things thread safe
- - - - -
8d4288dc by Hal Murray at 2019-04-06T07:53:47Z
NTS: make thread safe versions of socktoa and sockporttoa
and a trap in libntp/lib_strbuf for calling lib_getbuf()
form a non-main thread.
- - - - -
05d688cc by Hal Murray at 2019-04-07T04:50:00Z
NTS: sockaddr cleanup in ntpd/nts_server.c
- - - - -
4f13d445 by Hal Murray at 2019-04-07T04:54:45Z
More comments about using threads to devel/hacking.adoc
- - - - -
1a6b51e0 by Hal Murray at 2019-04-07T09:22:38Z
Miinor update to devel/TODO-NTS
- - - - -
12 changed files:
- devel/TODO-NTS
- devel/hacking.adoc
- include/ntp_stdlib.h
- libntp/lib_strbuf.c
- libntp/socktoa.c
- libntp/wscript
- ntpd/ntpd.c
- ntpd/nts.c
- ntpd/nts_client.c
- ntpd/nts_cookie.c
- ntpd/nts_server.c
- tests/common/tests_main.c
Changes:
=====================================
devel/TODO-NTS
=====================================
@@ -1,3 +1,8 @@
+For Release:
+ Fix SecondsPerDay in nts_cookie.c
+ It is set to 3600 for testing
+ That makes too-old cookies if the polling interval is long enough
+
BUGS:
timeout on client connect too long (system default)
Is 3 seconds timeout OK? (both client and server)
@@ -5,12 +10,11 @@ BUGS:
nts_log_ssl_error() No SSL param ??
ERR_error_string_n
-Fix SecondsPerDay in nts_cookie.c
- Set to 3600 for testing
-
multithread msyslog
- libntp/lib_strbuf.c is used by socktoa and sockporttoa
- strerror
+ I think this has been fixed.
+
+Hourly logging?
+ ntpq get totals vs recent
documentation:
HOWTO on NTS
=====================================
devel/hacking.adoc
=====================================
@@ -73,7 +73,13 @@ You can read POSIX-1.2001, with 2004 Corrigendum, online for free here:
You can see POSIX.1-2001, SUSv3, online for free here:
http://www.unix-systems.org/version3/
-POSIX threads *are* considered part of the standardized API and may be used.
+POSIX threads *are* considered part of the standardized API, but their
+use requires extreme care. The main part of ntpd assumes it is the only
+thread. One interesting area is msyslog. The DNS thread doesn't call msyslog.
+That was impractical for NTS, so msyslog is thread safe as of 2019-Apr.
+Beware of calling strerror() from non-main threads. Use strerror_r()
+into a buffer on the stack. Similarly, use socktoa_r() and sockporttoa_r()
+and don't call lib_getbuf().
You *may* assume the clock_gettime(2) and clock_settime(2) calls, and
the related getitimer(2)/setitimer(2), from POSIX-1.2008.
=====================================
include/ntp_stdlib.h
=====================================
@@ -99,7 +99,9 @@ extern const char * k_st_flags (uint32_t);
extern char * statustoa (int, int);
extern sockaddr_u * netof6 (sockaddr_u *);
extern const char * socktoa (const sockaddr_u *);
+extern const char * socktoa_r (const sockaddr_u *sock, char *buf, size_t buflen);
extern const char * sockporttoa(const sockaddr_u *);
+extern const char * sockporttoa_r(const sockaddr_u *sock, char *buf, size_t buflen);
extern unsigned short sock_hash(const sockaddr_u *) __attribute__((pure));
extern const char *refid_str (uint32_t, int);
@@ -119,6 +121,7 @@ extern char * ntp_optarg; /* global argument pointer */
extern int ntp_optind; /* global argv index */
/* lib_strbuf.c */
+extern void getbuf_init (void);
extern bool ipv4_works;
extern bool ipv6_works;
=====================================
libntp/lib_strbuf.c
=====================================
@@ -7,6 +7,7 @@
#include "isc_netaddr.h"
+#include "ntp_assert.h"
#include "ntp_fp.h"
#include "ntp_stdlib.h"
#include "lib_strbuf.h"
@@ -16,6 +17,12 @@
*/
static pthread_mutex_t cookie_lock = PTHREAD_MUTEX_INITIALIZER;
+static pthread_t me;
+
+void getbuf_init(void) {
+ me = pthread_self();
+}
+
/*
* Function to get a pointer to the next buffer. Needs to be thread-safe because
* it's used in callers that need to be thread-safe, notably msyslog. For the
@@ -26,13 +33,34 @@ static pthread_mutex_t cookie_lock = PTHREAD_MUTEX_INITIALIZER;
* language, at which point something with this behavior will be
* better than all the contortions we'd have to go through to get rid
* of it in C.
+ *
+ * HGM: But I'm not willing to ship a lurking time bomb,
+ * so I fixed the non-main threads (NTS, DNS) not to call
+ * lib_getbuf and added a trap to make sure I really fixed them all.
*/
+
+
char *lib_getbuf(void)
{
static libbufstr lib_stringbuf[LIB_NUMBUF];
static int lib_nextbuf;
char *bufp;
+// FIXME - need this until python tests can call getbuf_init
+static bool init_done = false;
+ if (!init_done) {
+ getbuf_init();
+ init_done = true;
+ }
+
+ if (pthread_self() != me) {
+ msyslog(LOG_ERR, "ERR: lib_getbuf() called from non-main thread.");
+#ifndef BACKTRACE_DISABLED
+// backtrace_log();
+#endif
+// exit(1);
+ }
+
pthread_mutex_lock(&cookie_lock);
ZERO(lib_stringbuf[lib_nextbuf]);
(bufp) = &lib_stringbuf[lib_nextbuf++][0];
=====================================
libntp/socktoa.c
=====================================
@@ -24,48 +24,53 @@ const char *
socktoa(
const sockaddr_u *sock
)
+{
+ char *buf = lib_getbuf();
+ socktoa_r(sock, buf, LIB_BUFLENGTH);
+ return buf;
+}
+
+const char *
+socktoa_r(
+ const sockaddr_u *sock, char *buf, size_t buflen
+ )
{
int saved_errno;
- char * res;
- char * addr;
unsigned long scope;
saved_errno = errno;
- res = lib_getbuf();
if (NULL == sock) {
- strlcpy(res, "(null)", LIB_BUFLENGTH);
+ strlcpy(buf, "(null)", buflen);
} else {
switch(AF(sock)) {
case AF_INET:
case AF_UNSPEC:
- inet_ntop(AF_INET, PSOCK_ADDR4(sock), res,
- LIB_BUFLENGTH);
+ inet_ntop(AF_INET, PSOCK_ADDR4(sock), buf, buflen);
break;
case AF_INET6:
- inet_ntop(AF_INET6, PSOCK_ADDR6(sock), res,
- LIB_BUFLENGTH);
+ inet_ntop(AF_INET6, PSOCK_ADDR6(sock), buf, buflen);
scope = SCOPE_VAR(sock);
- if (0 != scope && !strchr(res, '%')) {
- addr = res;
- res = lib_getbuf();
- snprintf(res, LIB_BUFLENGTH, "%s%%%lu",
- addr, scope);
- res[LIB_BUFLENGTH - 1] = '\0';
+ if (0 != scope && !strchr(buf, '%')) {
+ char buf2[LIB_BUFLENGTH];
+ snprintf(buf2, sizeof(buf2), "%s%%%lu",
+ buf, scope);
+ buf2[LIB_BUFLENGTH - 1] = '\0';
+ strlcpy(buf, buf2, buflen);
}
break;
default:
- snprintf(res, LIB_BUFLENGTH,
+ snprintf(buf, buflen,
"(socktoa unknown family %d)",
AF(sock));
}
}
errno = saved_errno;
- return res;
+ return buf;
}
@@ -74,18 +79,26 @@ sockporttoa(
const sockaddr_u *sock
)
{
- int saved_errno;
- const char * atext;
- char * buf;
+ char *buf = lib_getbuf();
+ sockporttoa_r(sock, buf, LIB_BUFLENGTH);
+ return buf;
+}
+
+const char *
+sockporttoa_r(
+ const sockaddr_u *sock, char *buf, size_t buflen
+ )
+{
+ int saved_errno;
+ char buf2[LIB_BUFLENGTH];
saved_errno = errno;
- atext = socktoa(sock);
- buf = lib_getbuf();
- snprintf(buf, LIB_BUFLENGTH,
+ socktoa_r(sock, buf2, sizeof(buf2));
+ snprintf(buf, buflen,
(IS_IPV6(sock))
? "[%s]:%hu"
: "%s:%hu",
- atext, SRCPORT(sock));
+ buf2, SRCPORT(sock));
errno = saved_errno;
return buf;
=====================================
libntp/wscript
=====================================
@@ -25,6 +25,7 @@ def build(ctx):
]
libntp_source_sharable = [
+ "assert.c",
"clockwork.c",
"emalloc.c",
"hextolfp.c",
=====================================
ntpd/ntpd.c
=====================================
@@ -512,6 +512,8 @@ ntpdmain(
saved_argc = argc;
saved_argv = argv;
progname = argv[0];
+
+ getbuf_init();
parse_cmdline_opts(argc, argv);
# ifdef DEBUG
setvbuf(stdout, NULL, _IOLBF, 0);
=====================================
ntpd/nts.c
=====================================
@@ -207,9 +207,11 @@ bool nts_load_certificate(SSL_CTX *ctx) {
int nts_ssl_read(SSL *ssl, uint8_t *buff, int buff_length) {
int bytes_read;
+ char errbuf[100];
bytes_read = SSL_read(ssl, buff, buff_length);
if (0 >= bytes_read) {
- msyslog(LOG_INFO, "NTS: SSL_read error: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTS: SSL_read error: %s", errbuf);
nts_log_ssl_error();
return -1;
}
@@ -218,9 +220,11 @@ int nts_ssl_read(SSL *ssl, uint8_t *buff, int buff_length) {
int nts_ssl_write(SSL *ssl, uint8_t *buff, int buff_length) {
int bytes_written;
+ char errbuf[100];
bytes_written = SSL_write(ssl, buff, buff_length);
if (0 >= bytes_written) {
- msyslog(LOG_INFO, "NTS: SSL_write error: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTS: SSL_write error: %s", errbuf);
nts_log_ssl_error();
return -1;
}
=====================================
ntpd/nts_client.c
=====================================
@@ -62,6 +62,7 @@ bool nts_probe(struct peer * peer) {
struct timeval timeout = {.tv_sec = NTS_KE_TIMEOUT, .tv_usec = 0};
const char *hostname = peer->hostname;
char hostbuf[100];
+ char errbuf[100];
SSL *ssl;
int server;
l_fp start, finish;
@@ -98,7 +99,8 @@ bool nts_probe(struct peer * peer) {
err = setsockopt(server, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
if (0 > err) {
- msyslog(LOG_ERR, "NTSc: can't setsockopt: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSc: can't setsockopt: %s", errbuf);
close(server);
nts_ke_probes_bad++;
return false;
@@ -179,7 +181,11 @@ bail:
}
bool nts_check(struct peer *peer) {
-// msyslog(LOG_INFO, "NTSc: nts_check %s, %d", sockporttoa(&sockaddr), addrOK);
+ if (0) {
+ char errbuf[100];
+ sockporttoa_r(&sockaddr, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTSc: nts_check %s, %d", errbuf, addrOK);
+}
if (addrOK) {
dns_take_server(peer, &sockaddr);
dns_take_status(peer, DNS_good);
@@ -230,6 +236,7 @@ SSL_CTX* make_ssl_client_ctx(const char * filename) {
int open_TCP_socket(struct peer *peer, const char *hostname) {
char host[256], port[32];
+ char errbuf[100];
char *tmp;
struct addrinfo hints;
struct addrinfo *answer;
@@ -273,20 +280,24 @@ int open_TCP_socket(struct peer *peer, const char *hostname) {
msyslog(LOG_INFO, "NTSc: DNS lookup of %s took %.3Lf sec",
hostname, lfptod(finish));
- /* Save first answer for NTP */
+ /* Save first answer for NTP, switch to NTP port in case of server-name:port */
memcpy(&sockaddr, answer->ai_addr, answer->ai_addrlen);
- msyslog(LOG_INFO, "NTSc: nts_probe connecting to %s:%s => %s",
- host, port, sockporttoa(&sockaddr));
- /* switch to NTP port in case of server-name:port */
SET_PORT(&sockaddr, NTP_PORT);
+
+ sockporttoa_r(&sockaddr, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTSc: nts_probe connecting to %s:%s => %s",
+ host, port, errbuf);
+
sockfd = socket(answer->ai_family, SOCK_STREAM, 0);
if (-1 == sockfd) {
- msyslog(LOG_INFO, "NTSc: nts_probe: no socket: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTSc: nts_probe: no socket: %s", errbuf);
} else {
// Use first answer
err = connect(sockfd, answer->ai_addr, answer->ai_addrlen);
if (-1 == err) {
- msyslog(LOG_INFO, "NTSc: nts_probe: connect failed: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTSc: nts_probe: connect failed: %s", errbuf);
close(sockfd);
sockfd = -1;
}
@@ -395,6 +406,7 @@ bool nts_make_keys(SSL *ssl, uint16_t aead, uint8_t *c2s, uint8_t *s2c, int keyl
bool nts_client_send_request(SSL *ssl, struct peer* peer) {
uint8_t buff[1000];
+ char errbuf[100];
int used, transferred;
struct BufCtl_t buf;
uint16_t aead = NO_AEAD;
@@ -421,8 +433,9 @@ bool nts_client_send_request(SSL *ssl, struct peer* peer) {
used = sizeof(buff)-buf.left;
if (used >= (int)(sizeof(buff)-10)) {
+ strerror_r(errno, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSc: write failed: %d, %ld, %s",
- used, (long)sizeof(buff), strerror(errno));
+ used, (long)sizeof(buff), errbuf);
return false;
}
@@ -455,6 +468,7 @@ bool nts_client_process_response(SSL *ssl, struct peer* peer) {
uint16_t type, data, port;
bool critical = false;
int length, keylength;
+ char errbuf[100];
#define MAX_SERVER 100
char server[MAX_SERVER];
@@ -526,7 +540,8 @@ bool nts_client_process_response(SSL *ssl, struct peer* peer) {
if (!nts_server_lookup(server, &sockaddr))
return false;
SET_PORT(&sockaddr, port);
- msyslog(LOG_ERR, "NTSc: Using server %s=>%s", server, socktoa(&sockaddr));
+ socktoa_r(&sockaddr, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSc: Using server %s=>%s", server, errbuf);
break;
case nts_port_negotiation:
// FIXME check length
@@ -572,6 +587,7 @@ bool nts_client_process_response(SSL *ssl, struct peer* peer) {
bool nts_set_cert_search(SSL_CTX *ctx, const char *filename) {
struct stat statbuf;
+ char errbuf[100];
if (NULL == filename) {
msyslog(LOG_INFO, "NTSc: Using system default root certificates.");
SSL_CTX_set_default_verify_paths(ctx); // Use system root certs
@@ -592,7 +608,9 @@ bool nts_set_cert_search(SSL_CTX *ctx, const char *filename) {
filename, statbuf.st_mode);
return false;
}
- msyslog(LOG_ERR, "NTSc: can't stat cert dir/file: %s, %s", ntsconfig.ca, strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSc: can't stat cert dir/file: %s, %s",
+ ntsconfig.ca, errbuf);
return false;
}
=====================================
ntpd/nts_cookie.c
=====================================
@@ -200,16 +200,19 @@ bool nts_write_cookie_keys(void) {
const char *cookie_filename = NTS_COOKIE_KEY_FILE;
int fd;
FILE *out;
+ char errbuf[100];
if (NULL != ntsconfig.KI)
cookie_filename = ntsconfig.KI;
fd = open(cookie_filename, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
if (-1 == fd) {
- msyslog(LOG_ERR, "ERR: can't open %s: %s", cookie_filename, strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "ERR: can't open %s: %s", cookie_filename, errbuf);
return false;
}
out = fdopen(fd, "w");
if (NULL == out) {
- msyslog(LOG_ERR, "ERR: can't fdopen %s: %s", cookie_filename, strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "ERR: can't fdopen %s: %s", cookie_filename, errbuf);
close(fd);
return false;
}
=====================================
ntpd/nts_server.c
=====================================
@@ -21,6 +21,9 @@
#include "nts.h"
#include "nts2.h"
+/* Beware: bind and accept take type sockaddr, but that's not big
+ * enough for an IPv6 address.
+ */
static int create_listener(int port, int family);
static void* nts_ke_listener(void*);
@@ -87,16 +90,19 @@ bool nts_server_init2(void) {
pthread_t worker;
sigset_t block_mask, saved_sig_mask;
int rc;
+ char errbuf[100];
sigfillset(&block_mask);
pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask);
rc = pthread_create(&worker, NULL, nts_ke_listener, &listner4_sock);
if (rc) {
- msyslog(LOG_ERR, "NTSs: nts_start_server4: error from pthread_create: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: nts_start_server4: error from pthread_create: %s", errbuf);
}
rc = pthread_create(&worker, NULL, nts_ke_listener, &listner6_sock);
if (rc) {
- msyslog(LOG_ERR, "NTSs: nts_start_server6: error from pthread_create: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: nts_start_server6: error from pthread_create: %s", errbuf);
}
pthread_sigmask(SIG_SETMASK, &saved_sig_mask, NULL);
@@ -106,6 +112,7 @@ bool nts_server_init2(void) {
void* nts_ke_listener(void* arg) {
struct timeval timeout = {.tv_sec = NTS_KE_TIMEOUT, .tv_usec = 0};
int sock = *(int*)arg;
+ char errbuf[100];
while(1) {
sockaddr_u addr;
@@ -116,7 +123,8 @@ void* nts_ke_listener(void* arg) {
client = accept(sock, &addr.sa, &len);
if (client < 0) {
- msyslog(LOG_ERR, "NTSs: TCP accept failed: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: TCP accept failed: %s", errbuf);
if (EBADF == errno)
return NULL;
sleep(1); /* avoid log clutter on bug */
@@ -124,11 +132,13 @@ void* nts_ke_listener(void* arg) {
}
nts_ke_serves++;
get_systime(&start);
- msyslog(LOG_INFO, "NTSs: TCP accept-ed from %s",
- sockporttoa((sockaddr_u *)&addr));
+
+ sockporttoa_r(&addr, errbuf, sizeof(errbuf));
+ msyslog(LOG_INFO, "NTSs: TCP accept-ed from %s", errbuf);
err = setsockopt(client, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout));
if (0 > err) {
- msyslog(LOG_ERR, "NTSs: can't setsockopt: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't setsockopt: %s", errbuf);
close(client);
nts_ke_serves_bad++;
continue;
@@ -141,8 +151,9 @@ void* nts_ke_listener(void* arg) {
if (SSL_accept(ssl) <= 0) {
get_systime(&finish);
finish -= start;
+ sockporttoa_r(&addr, errbuf, sizeof(errbuf));
msyslog(LOG_ERR, "NTSs: SSL accept from %s failed, %.3Lf sec",
- sockporttoa((sockaddr_u *)&addr), lfptod(finish));
+ errbuf, lfptod(finish));
nts_log_ssl_error();
SSL_free(ssl);
close(client);
@@ -219,70 +230,79 @@ bool nts_ke_request(SSL *ssl) {
int create_listener(int port, int family) {
int sock = -1;
- struct sockaddr_in addr;
- struct sockaddr_in6 addr6;
+ sockaddr_u addr;
int on = 1;
int err;
+ char errbuf[100];
switch (family) {
case AF_INET:
- addr.sin_family = AF_INET;
- addr.sin_port = htons(port);
- addr.sin_addr.s_addr= htonl(INADDR_ANY);
+ addr.sa4.sin_family = AF_INET;
+ addr.sa4.sin_port = htons(port);
+ addr.sa4.sin_addr.s_addr= htonl(INADDR_ANY);
sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock < 0) {
- msyslog(LOG_ERR, "NTSs: Can't create socket4: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: Can't create socket4: %s", errbuf);
return -1;
}
err = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (0 > err) {
- msyslog(LOG_ERR, "NTSs: can't setsockopt4: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't setsockopt4: %s", errbuf);
close(sock);
return -1;
}
- err = bind(sock, (struct sockaddr*)&addr, sizeof(addr));
+ err = bind(sock, &addr.sa, sizeof(addr.sa4));
if (0 > err) {
- msyslog(LOG_ERR, "NTSs: can't bind4: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't bind4: %s", errbuf);
close(sock);
return -1;
}
if (listen(sock, 6) < 0) {
- msyslog(LOG_ERR, "NTSs: can't listen4: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't listen4: %s", errbuf);
close(sock);
return -1;
}
msyslog(LOG_INFO, "NTSs: listen4 worked");
break;
case AF_INET6:
- addr6.sin6_family = AF_INET6;
- addr6.sin6_port = htons(port);
- addr6.sin6_addr = in6addr_any;
+ addr.sa6.sin6_family = AF_INET6;
+ addr.sa6.sin6_port = htons(port);
+ addr.sa6.sin6_addr = in6addr_any;
sock = socket(AF_INET6, SOCK_STREAM, 0);
if (sock < 0) {
- msyslog(LOG_ERR, "NTSs: Can't create socket6: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: Can't create socket6: %s", errbuf);
return -1;
}
/* Hack to keep IPV6 from listening on IPV4 too */
err = setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on));
if (0 > err) {
- msyslog(LOG_ERR, "NTSs: can't setsockopt6only: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't setsockopt6only: %s", errbuf);
close(sock);
return -1;
}
err = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (0 > err) {
- msyslog(LOG_ERR, "NTSs: can't setsockopt6: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't setsockopt6: %s", errbuf);
close(sock);
return -1;
}
- err = bind(sock, (struct sockaddr*)&addr6, sizeof(addr6));
+ err = bind(sock, &addr.sa, sizeof(addr.sa6));
if (0 > err) {
- msyslog(LOG_ERR, "NTSs: can't bind6: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't bind6: %s", errbuf);
close(sock);
return -1;
}
if (listen(sock, 6) < 0) {
- msyslog(LOG_ERR, "NTSs: can't listen6: %s", strerror(errno));
+ strerror_r(errno, errbuf, sizeof(errbuf));
+ msyslog(LOG_ERR, "NTSs: can't listen6: %s", errbuf);
close(sock);
return -1;
}
=====================================
tests/common/tests_main.c
=====================================
@@ -79,6 +79,7 @@ static void RunAllTests(void)
int main(int argc, const char * argv[]) {
+ getbuf_init();
ssl_init();
auth_init();
init_network();
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/91278329f77036f4f23802a762f80b4efd418650...1a6b51e02f1dfa01325a08b0e7fdf0e907d1f4c5
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/91278329f77036f4f23802a762f80b4efd418650...1a6b51e02f1dfa01325a08b0e7fdf0e907d1f4c5
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190407/65d9e0eb/attachment-0001.html>
More information about the vc
mailing list